General
-
Target
bb0da5df8937523b0a9644af81f400d5c017fe569a186586c53a1ffdd3a9ec83
-
Size
4.2MB
-
Sample
230608-fpxl1sch4w
-
MD5
d5f65f3481bd75397f440406be41e5d8
-
SHA1
f5c7d4ca58b383242d9f06b645393484b8383c6d
-
SHA256
bb0da5df8937523b0a9644af81f400d5c017fe569a186586c53a1ffdd3a9ec83
-
SHA512
4d818f8c4eb12c7c5ca882fa3b0104e188d0f60042c1b5297ddb84ae693736245c71569147bbdb682220170baaff9eaf03c1bd94b43dedd279b4442da3c81813
-
SSDEEP
98304:cL9MLJ4yT5nBpJLCTRLHuTMeBrhT8sCKfL71koay:I9SJ4yTnCtCAbspfvRay
Static task
static1
Malware Config
Targets
-
-
Target
bb0da5df8937523b0a9644af81f400d5c017fe569a186586c53a1ffdd3a9ec83
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-